Cybercriminals are sending your employees Valentine's Day bouquets of spam

Preying on the lovelorn is an annual event that could quickly become a problem for business

As another Valentine’s Day, surging levels of scam activity are a reminder that this is a prime season for online cybercriminals and scammers to target the lovelorn.

More than 4.3 million users attempted to visit romantic-themed fraudulent websites during the first half of February, security firm Kaspersky Lab has reported based on analysis of the sites blocked by its tools.

That was more than twice the 2m visits blocked on Valentine’s Day last year, with Brazil the most-affected country – representing over 6.4 percent of all detections – and Portugal (5.8 percent), Venezuela (5.5 percent), Greece (5.3 percent), and Spain (5.1 percent) filling out the Top Five.

Phishers often exploit the emotions of targets that may be emotionally heightened at this time of year; pre-order gift items and performance-enhancing drugs were singled out as being particularly common lures for phishing targets at this time of year.

Romantic scams and phishing have long gone hand in hand, with users particularly vulnerable to partners or those who they perceive to have an interest in them.

“Many people get carried away with their emotions, excitement and love which could result in falling for a phishing attack,” senior security researcher Noushin Shabab warned, noting the results of recent Kaspersky Lab research that found digital devices often create or exacerbate conflict in romantic relationships.

Kaspersky Lab warned of messages demanding immediate action asking for large amounts of personal information, coming from unknown organisations, or having suspicious or unusual email addresses.

Australians lost $24.65m in 3981 scams reported to the Australian Competition & Consumer Commission (ACCC) ScamWatch service during 2018.

January 2019 saw Australians hand over $1.245m in 349 dating and romance scams, with social networking used for 36.1 percent of attacks and Internet sites (20.9 percent), mobile applications (16.9 percent), and email (13.5 percent) all common channels for compromise.

Mobile devices were increasingly a conduit for romantic scams, with mobile applications used in 16.9 percent of cases and text messages in 6 percent.

Fully 32.1 percent of the scams involved financial losses.

February predictably marks a surge in scam losses, with losses in February 2018 reaching $2.463m.

That month saw a strong skew towards females, who comprised 56.9 percent of victims during the month.

Email was much more frequently cited as a main source of scams – comprising 29.9 percent of scams last February – reflecting the efforts of scammers to ramp up their phishing endeavours during the Valentine’s Day period.

“Scammers will go to great lengths to gain your interest and trust, such as showering you with loving words, sharing ‘personal information’ and even sending you gifts,” ScamWatch warns. “They may take months to build what may feel like the romance of a lifetime and may even pretend to book flights to visit you, but never actually come.”

Dating scams may seem like a personal issue, but with nearly 3 data breaches in Australia every day the lines between personal compromise and business vulnerabilities can quickly be redrawn if a romance scam email is laced with malware.

Indeed, businesses are being pummelled by surging volumes of business email compromise (BEC) attacks that prey on vulnerable individuals – with often dramatic consequences for victims and the people around them.

A Scottish woman, for example, is being sued by her employer after falling for a BEC attack that saw her lose nearly £200,000 ($A369,647) of her employer’s money.

Tags cybercrimeFacebookkasperskycybercriminals

Show Comments